Cyber Security Incident Commander

Haystack • United Kingdom
Remote

Job Description


Cyber security incident manager

We're working with a leading global workforce solutions agency connecting top-tier talent with enterprise-scale security projects on this exciting opportunity.

Are you a battle-tested Incident Commander ready to lead the charge against sophisticated cyber threats? We are looking for a high-caliber professional to orchestrate major response efforts across NIST frameworks, leveraging deep expertise in SIEM, EDR, and SOAR technologies to protect critical infrastructure. This is a high-impact, fully remote role requiring SC Clearance eligibility and the ability to thrive under pressure.

The Role

  • Lead and coordinate major cyber security incidents including ransomware, data breaches, and insider threats as the primary Incident Commander.
  • Direct technical investigations in collaboration with SOC analysts and Threat Intelligence teams to analyze attack vectors and adversary TTPs.
  • Oversee triage, containment, and remediation strategies while ensuring the integrity of forensic evidence and detailed incident logs.
  • Drive operational readiness by developing IR playbooks and executing complex tabletop exercises and cyber incident simulations.
  • Act as a key liaison between IT, Legal, Compliance, and external partners, translating technical forensic data into executive-level summaries.

What You'll Need

  • Proven experience leading complex cyber security incidents within a mid-to-large enterprise or MSSP environment.
  • Deep technical proficiency with SIEM, EDR, SOAR, and Threat Intelligence platforms (TIP) for root cause analysis.
  • Strong command of Incident Response frameworks, specifically NIST and ISO, to guide governance and post-incident reviews.
  • Active SC Clearance (Security Check) or the immediate eligibility to undergo the clearance process.
  • Exceptional communication skills with the ability to command multi-disciplinary response teams and manage high-pressure stakeholder environments.

What's On Offer

  • Competitive day rate on a 3-month rolling contract with high likelihood of extension to 12 months.
  • Full flexibility with 100% remote working, allowing for a great work-life balance.
  • The opportunity to work on high-stakes, enterprise-level security incidents for a global market leader.

Apply via Haystack today!

